If you have an apple and I have an apple and we exchange these apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas.
-- George Bernard Shaw

The computer world was similar to all of us having an apple each till some time back. And then the wise men from the industry made networks. Ideas started flowing all over and soon came the internet. The internet has been the best thing that has happened to the computer world so far. It has created a platform where we can share our ideas.

Since the Internet is a large network composed of smaller networks, it made sense to break the address space into smaller chunks. Network classes enable us to break down this address space. In IPv4 the various classes of networks are:

Class A networks have an address range between 1.0.0.1 to 126.255.255.254 and support 16 million hosts on each of 127 networks.

Class B networks have an address range between 128.1.0.1 to 191.255.255.254 and support 65,000 hosts on each of 16,000 networks.

Class C networks have an address range between 192.0.1.1 to 223.255.254.254 and support 254 hosts on each of 2 million networks.

Class D networks have an address range between 224.0.0.0 to 239.255.255.255 and are reserved for multicast groups.

Class E networks have an address range between 240.0.0.0 to 254.255.255.254 and are reserved for the future.

Such a system makes things simple and networks are manageable. However, they cannot communicate with each other. The scenario is very similar to how communities grew around the world. With time people from different communities needed to communicate with each other, but language was the barrier. The solution they found was people who understand both languages, i.e. translators. So if you need to talk to a beautiful French girl, all you need to do is get somebody who understands French and can translate English to French and vice versa. Routers/gateways do the same in computer networks. Different networks communicate with each other using routers.

A router allows hosts that are not on the same logical network, like an IP subnet, to communicate with each other. The router receives packets (chunks of data) on an interface and routes them to where they need to go based on a routing table; the table tells the router where a given logical network is located.

Most offices and homes have small class C private networks. These networks need to communicate with servers on the internet. The only logical way for them to do so is to use a gateway/router. Linux has routing functionality in the kernel itself, which makes it an ideal choice as a routing box.

One simple way of sharing the internet connection using Linux is to use the IP forwarding feature of the kernel together with network address translation (NAT). For NATing one can use either ipchains or iptables. It is assumed that the private network is in the 192.168.1.0-255 range.

Let us take the example of a simple network. The server is used to connect to the internet. Its IP address is 192.168.1.1. There are 4 workstations, 192.168.1.2-5. They are connected to the server via the switch. All the workstations share the internet through 192.168.1.1.

The first step is to enable IP forwarding in the kernel of the server (192.168.1.1).

    $ vi /etc/sysctl.conf

Change the line

    net.ipv4.ip_forward = 0

to

    net.ipv4.ip_forward = 1

This would enable IP forwarding.

Then we need to get the server to NAT, which can be done via ipchains or iptables.

If ipchains is used, create a file called rc.fw and add the following lines:

    $ vi /etc/rc.d/init.d/rc.fw

    #!/bin/bash
    # First load the ipchains kernel module. Required only if ipchains
    # is compiled as a module.
    /sbin/modprobe ipchains
    # MASQ the full 192.168.1.0/24 network
    /sbin/ipchains -A forward -s 192.168.1.0/24 -j MASQ
    # List the rules
    /sbin/ipchains -L -n

If iptables is used instead of ipchains, create a file called rc.fw and add the following lines:

    $ vi /etc/rc.d/init.d/rc.fw

    #!/bin/bash
    # First load the iptables kernel modules. Required only if iptables
    # is compiled as a module. The modules are named ip_tables and iptable_nat.
    /sbin/modprobe ip_tables
    /sbin/modprobe iptable_nat
    # MASQ the full 192.168.1.0/24 network (source-limited, like the ipchains rule)
    /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
    # List the rules (the MASQUERADE rule lives in the nat table)
    /sbin/iptables -t nat -L -n

This would look after all the data traffic from the local network to the internet.

Finally add this to the startup:

    $ vi /etc/rc.local

Add the line

    /etc/rc.d/init.d/rc.fw

This ensures that the settings are retained after a reboot as well.

After rebooting, the server would do all the routing functions for the entire network.

On the client side all that is required is to set the default gateway to the server's IP, i.e. 192.168.1.1. The entire network is now set to share the internet connection.

Amarjyoti Krishnan heads bobcares.com, a tech support company for webhosts and ISPs. He is the co-founder of Poornam Info Vision Ltd., a software and IT services company which specializes in Linux based solutions for Webhosts and ISPs. Poornam Info Vision is an ISO 9001:2000 certified company with a team of over 100 engineers.

Amarjyoti is a Computer Engineer based in India and has over 7 years of experience in the hosting industry. He has spoken and written extensively on the subject. His articles have been published both online as well as in print in magazines.
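The ipchains rule in the article masquerades only traffic from 192.168.1.0/24. As an added example (not part of the original article), this script checks that an iptables gateway is limited the same way and that forwarding is switched on in a sysctl.conf-style file. The function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the gateway settings described in the article.
LAN="192.168.1.0/24"   # the article's private network

# audit_nat: read an iptables-save dump on stdin and report every MASQUERADE
# rule in nat/POSTROUTING that is not limited to $LAN. Prints "OK" when all
# masquerade rules are scoped, one finding per line otherwise.
audit_nat() {
    awk -v lan="$LAN" '
        /^\*/ { table = substr($0, 2) }      # table header line, e.g. *nat
        table == "nat" && /^-A POSTROUTING/ && /-j MASQUERADE/ {
            seen = 1; src = ""
            for (i = 1; i < NF; i++) if ($i == "-s") src = $(i + 1)
            if (src == "")       { print "UNSCOPED: " $0; bad = 1 }
            else if (src != lan) { print "WRONG-SOURCE(" src "): " $0; bad = 1 }
        }
        END {
            if (!seen)     print "MISSING: no MASQUERADE rule in nat/POSTROUTING"
            else if (!bad) print "OK"
        }'
}

# forwarding_enabled FILE: succeed if the last net.ipv4.ip_forward assignment
# in a sysctl.conf-style file is 1 (commented-out lines are ignored).
forwarding_enabled() {
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\).*/\1/p' "$1" | tail -n 1)
    [ "$val" = "1" ]
}

# Constructed sample dumps (not captured from a real host).
SAMPLE_OPEN='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -j MASQUERADE
COMMIT'
SAMPLE_SCOPED='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
COMMIT'

printf '%s\n' "$SAMPLE_OPEN"   | audit_nat   # reports the unscoped rule
printf '%s\n' "$SAMPLE_SCOPED" | audit_nat   # reports OK
```

On the server itself, the same functions can be fed live data with `iptables-save | audit_nat` and `forwarding_enabled /etc/sysctl.conf`.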